How to Prevent web pages from being hacked virtual host users prevent asp Trojans

Source: Internet
Author: User
Tags mdb database

Presumably, many VM users have experienced web page tampering and data deletion,
In addition to suffering from such behavior, many customers suffer from ineffective preventive measures.

In view of the fact that most website intrusions are completed by using asp Trojans, our company will close up this article so that common VM users can better understand and prevent asp Trojans. Only by taking preventive measures jointly between the space provider and the virtual host user can asp Trojans be effectively prevented!

1. What is an asp Trojan?
It is actually a website program written in asp, and some asp Trojans are modified by the asp Website management program.
There is no essential difference between asp and other asp programs, as long as the space that can run asp can run it, this nature makes asp Trojans very difficult to detect. The difference between asp and other asp programs is that asp Trojans are asp programs that intruders upload to the target space and help intruders control the target space. If you want to disable asp Trojans, it is equivalent to disabling asp. Obviously, this is not feasible. This is why asp Trojans are rampant!

Ii. intrusion Principle
It is important to upload an asp Trojan horse to the target space if you want to intrude!
How can intruders upload asp Trojans?
It is ironic that most intruders use the existing asp program with the upload function in the target space.

Under normal circumstances, these asp programs that can upload files have permission restrictions, most of which also limit the upload of asp files.
(For example, news publishing and image management programs that can upload images, and Forum programs that can upload more types of files)
However, due to human asp setup errors and vulnerabilities in asp programs, intruders are allowed to upload asp Trojans.
As long as an asp Trojan is uploaded to the target space, intruders can run it to control the target space.
According to our company's statistics: 2/3 of intrusions were completed by exploiting the vulnerabilities of asp upload program itself.

Therefore, the focus of asp Trojan prevention is on how to ensure the security of asp upload programs in your space!
To put it bluntly, the intruders are not allowed to upload files!

Here is an additional description.
Due to the unpredictable nature of the programs that virtual host users upload on their own sites, and whether each program has vulnerabilities,
Therefore, it is impossible to prevent intruders from using the client program vulnerability in the site to upload asp Trojans.
The Space Provider can only prevent intruders from intruding other sites on the same server again using the intruded site.

This also indicates that to prevent asp Trojans, Vm users must strictly control their own programs!

Iii. Preventive measures
First, you can evaluate the risk of your website being infiltrated by asp Trojans based on the following security levels.

A. The website does not contain any upload or forum programs.
----- Very secure

B. There are upload programs or forum programs on the website. Only the administrator can upload the programs and take protective measures against the program database.
----- General Security

C. There are upload programs or forum programs on the website, and many users can upload programs without protection measures for the program database.
----- Very dangerous!

This security level only gives you a preliminary understanding of the security of your own space. Next we will talk about the specific preventive measures:

1. We recommend that you use ftp to upload and maintain webpages, and try not to install asp upload programs.

2. the asp upload program must be called for identity authentication, and only trusted users are allowed to use the upload program. This includes various news releases, malls, and Forum programs. All asp files that can be uploaded must undergo identity authentication! In addition, you can rename or delete the asp files that are uploaded without the upload function, such as upload. asp, upfile. asp and so on, and then restore the original name or re-upload through ftp when necessary.

3. the username and password of the asp program administrator must be complex and cannot be too simple. Pay attention to regular change.

4. Download the asp program on a regular website and modify the Database Name and storage path after the download. The database file name must also be complex. We recommend that customers of our company use the. mdb database file extension because our company server has set the. mdb file anti-download function.

5. Try to keep the program in the latest version.

6. Do not add a link to the background management program logon page on the webpage.

7. To prevent unknown vulnerabilities in the program, you can delete the background management program login page after maintenance, and then upload it through ftp during the next maintenance.

8. Always back up important files such as databases.

9. perform routine maintenance and check whether there are unknown asp files in the space. This is especially used to store directories for uploaded files, such as previusfile and uploadsoft *. asp or *. exe files should be deleted immediately, because 90% of these files may be infiltrated by programs. Remember: one minute of sweat, another minute of safety!

10. Once an intrusion is detected, all files must be deleted unless the customer can identify all trojan files.
Before re-uploading a file, reset the user name and password of all asp programs, and re-Modify the Database Name and storage path of the program and the path of the background management program.

If you take the above preventive measures, your space can only be said to be relatively safe, and you must not neglect it because intrusion and anti-intrusion are an eternal war!

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.